Computer Security

Computer Security is a Level 10 course given in Semester 2. See the Course Catalogue entry.
Lectures are held on Mondays and Thursdays at 16:10, in Teviot Lecture Theatre Doorway 5, Medial School, Teviot, Central.
The course lecturers are Myrto Arapinis and Kami Vaniea
The first lecture is on Mon 11th January 2016.

Lecture Slides

Slides will be added below as we go along. The slides from last year will give a good idea about what's coming up. Readings are optional. Unless otherwise noted, readings are from the recommended textbook Security In Computing.

1.    11 Jan. Introduction to the course
  • Slides: PDF
  • Reading: Chapter 1 - Introduction
2. 14 Jan. Cyber Essentials Scheme
3. 18 Jan. Network and internet vulnerabilities
  • Slides: PDF, PPT
  • Reading: Chapter 6.2-6.5 - Network security attacks
4. 21 Jan. Network defences
  • Slides: PDF
  • Reading: Chapter 6.6, 6.7 - Cryptography in Network security and Firewalls
5. 25 Jan. Usable security and user training
6. 28 Jan. Buffer overflow attacks
  • Slides: PDF, supplemental slides (PDF) illustrating a correct memory access.
  • Reading: Chapter 3.1 - Unintentional Programming Oversights
9. 1 Feb. Authentication
  • Slides: PDF
  • Reading:
    • Chapter 2.1 - Authentication
    • Chapter 9.3 - Authentication and Privacy
10. 4 Feb. Access control
9. 8 Feb. Web security: injection attacks
  • Slides: PDF
  • Reading: Chapters 4.2 and 4.3 - Web Attacks
10. 11 Feb. Web security: session hijacking, XSS, CSRF
15 Feb. Innovative Learning Week
18 Feb. Innovative Learning Week
11. 22 Feb. Web security: session hijacking, XSS, CSRF cont.
12. 25 Feb. Introduction to secure communications
13. 29 Feb. Stream ciphers
14. 3 Mar. Block ciphers
15. 7 Mar. Hash functions and MACs
16. 10 Mar. Asymmetric ciphers
17. 14 Mar. Cryptographic protocols (I)
18. 18 Mar. Cryptographic protocols (II)
19. 21 Mar. Cryptographic protocols (II)
20. 24 Mar. Protocols for anonymity
21. 28 Mar. Review

These are lecture slides, not comprehensive notes. You should supplement the slides with notes taken in lectures, and from your own reading. References and specific reading recommendations are given in slides, further guidance is given in lectures. The examinable material consists of what is covered in lectures, tutorials and practicals (unless specifically excluded) and the reading recommended in lectures.

Course resources


There are four tutorials. Tutorial groups are managed by the ITO, and will be announced soon.
There are worksheets for the tutorials which will be issued beforehand. You should try each worksheet before the tutorial meeting.

Tutorials are based on question sheets which you should use to help guide your own study for the course. Solutions will be issued a while after the question sheets so you can measure your progress. There is not enough time to cover all topics; you should aim to cover remaining topics to a similar depth of knowledge.

Coursework Exercises

There are two assessed coursework exercises, each worth 12.5% of the final mark.


  • Past papers are on the ITO pages.
    The only solutions available are those already published.
    Older exams include questions on "BAN logic" which has since been removed from the syllabus.

Documents above are in PDF format. Comments, suggestions, corrections are welcomed.
To print course materials, make sure your PDF reader has the correct page size and orientation.

Copyright: except where stated, lecture notes and other course materials are Copyright (C) School of Informatics, University of Edinburgh, and respective authors. Lecture slides prepared by David Aspinall and Myrto Arapinis with additions by Mike Just and Julian Bradfield.
Please respect our rights over this material and contact us if you want to use it in another context.

Home : Teaching : Courses : Cs 

Informatics Forum, 10 Crichton Street, Edinburgh, EH8 9AB, Scotland, UK
Tel: +44 131 651 5661, Fax: +44 131 651 1426, E-mail:
Please contact our webadmin with any comments or corrections. Logging and Cookies
Unless explicitly stated otherwise, all material is copyright © The University of Edinburgh